If you are a client or partner, make sure to log in to see all content. If you are a SFMC customer, log in to your account to access the Return Path Platform and Help Center.

How to set up a DMARC record

We suggest you set up a Domain-based Message Authentication Reporting and Conformance (DMARC) record to monitor your domains. DMARC helps monitor for both fraudulent email that may hurt your brand, as well as legitimate traffic for Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) authentication performance.

Be sure to enter your email addresses after "mailto:". These addresses are where the reports are sent.

If you are working with an ESP or other third party who will receive the DMARC reports on your behalf, ask your account representative which email addresses you should use.

This is the suggested record for when you first implement DMARC.

v=DMARC1 indicates the protocol version.

The suggested DMARC record above includes a monitor policy (p=none). This means that you are not instructing mailbox providers to take any action with your email that fails authentication.

rua contains the address where you want to receive aggregate reports.

ruf contains the address where you want to receive forensic reports.

To begin receiving DMARC reports without impacting your current email program, we suggest publishing the record with p=none.

Make sure you have at least an A record, Mail Exchange (MX) record, or AAAA record in the DNS for the domain if you plan on using it to send email.

After you implement DMARC, we recommend that you monitor your domains for at least 30 days. This can help you make sure that your own legitimate email is authenticating correctly before you decide to implement a reject (p=reject) or quarantine (p=quarantine) policy.

Reporting destination information

DMARC supports the ability to send reports to multiple destination addresses. However, you should avoid using more than two different destinations as many mailbox providers do not send reports to more than two.

In the case that multiple email addresses are needed for DMARC reports, each destination must be outlined within the RUA and RUF statement blocks in the DMARC record. Additionally, each destination needs to be delineated with a comma within the RUA and RUF blocks.

Note: Do not list multiple RUA and RUF statements otherwise your DMARC record will be considered incorrect and reports will not be generated.